Solaris Express Installation Guide: Network-Based Installations

sysidcfg File Keywords

Table 2–3 lists the keywords you can use to configure system information in the sysidcfg file.

Table 2–3 Keywords to Use in sysidcfg

Configuration Information 

Keyword 

Keyboard layout and language 

keyboard Keyword

Naming service, domain name, name server 

name_service Keyword

Network interface, host name, Internet Protocol (IP) address, netmask, DHCP, IPv6 

network_interface Keyword

Domain name definition for NFSv4 

nfs4_domain Keyword

Root password 

root_password Keyword

Security policy 

security_policy Keyword

Network security profile 

service_profile Keyword

Language in which to display the install program and desktop 

system_locale Keyword

Terminal type 

terminal Keyword

Time zone 

timezone Keyword

Date and time 

timeserver Keyword

The following sections describe the keywords that you can use in the sysidcfg file.

keyboard Keyword

The sysidkdb tool configures your USB language and its corresponding keyboard layout.

SPARC: This change is effective starting with the Solaris Express 10/06 release.

x86: This change is effective starting with the Solaris Express 2/07 release.

The following procedure occurs:

You can configure the keyboard language and its corresponding keyboard layout information by using the keyboard keyword. Each language has its own keyboard layout. Use the following syntax to select a language and its corresponding layout.

keyboard=keyboard_layout

For example, this entry sets the keyboard language and its corresponding keyboard layout for the German language:

keyboard=German

The value provided for keyboard_layout must be a valid value. Otherwise, an interactive response is required during installation. The valid keyboard_layout strings are defined in the /usr/share/lib/keytables/type_6/kbd_layouts file.


SPARC only –

Previously, the USB keyboard assumed a self-identifying value of 1 during the installation. Therefore, all of the keyboards that were not self-identifying always configured for a U.S. English keyboard layout during installation.


If the keyboard is not self-identifying and you want to prevent being prompted during your JumpStart installation, select the keyboard language in your sysidcfg file. For JumpStart installations, the default is for the U.S. English language. To select another language and its corresponding keyboard layout, set the keyboard entry in your sysidcfg file as in the example provided above.

For further information, see the sysidcfg(4) and sysidtool(1M) man pages.

name_service Keyword

You can use the name_service keyword to configure the naming service, the domain name, and the name server for the system. The following sample shows the general syntax for the name_service keyword.


name_service=name-service {domain_name=domain-name 
                                 name_server=name-server
                                 optional-keyword=value}

Choose only one value for name_service. Include all or none of the domain_name, name_server, or optional keywords, as needed. If no keywords are used, omit the curly braces {}.


Note –

The name_service option in the sysidcfg file automatically sets the naming service during installation of the Solaris OS. This setting overrides SMF services that were previously set up for site.xml. Therefore, you might need to reset your name service after installation.


The following sections describe the keyword syntax to configure the system to use a specific naming service.

NIS Syntax for name_service Keyword

Use the following syntax to configure the system to use the NIS naming service.


name_service=NIS {domain_name=domain-name 
                   name_server=hostname(ip-address)}
domain-name

Specifies the domain name

hostname

Specifies the host name of the name server

ip-address

Specifies the IP address of the name server


Example 2–4 Specifying a NIS Server With the name_service Keyword

The following example specifies a NIS server with the domain name west.example.com. The server's host name is timber, and the server IP address is 192.168.2.1.


name_service=NIS {domain_name=west.example.com 
                  name_server=timber(192.168.2.1)}

For more information about the NIS name service, see System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP).

NIS+ Syntax for name_service Keyword

Use the following syntax to configure the system to use the NIS name service.


name_service=NIS+ {domain_name=domain-name 
                   name_server=hostname(ip-address)}
domain-name

Specifies the domain name

hostname

Specifies the host name of the name server

ip-address

Specifies the IP address of the name server


Example 2–5 Specifying a NIS+ Server With the name_service Keyword

The following example specifies a NIS+ server with the domain name west.example.com. The server's host name is timber, and the server IP address is 192.168.2.1.


name_service=NIS+ {domain_name=west.example.com 
                   name_server=timber(192.168.2.1)}

For more information about the NIS+ name service, see System Administration Guide: Naming and Directory Services (NIS+).

DNS Syntax for name_service Keyword

Use the following syntax to configure the system to use DNS.


name_service=DNS {domain_name=domain-name 
                  name_server=ip-address,ip-address,ip-address
                  search=domain-name,domain-name,domain-name,
                  domain-name,domain-name,domain-name} 
domain_name=domain-name

Specifies the domain name.

name_server=ip-address

Specifies the IP address of the DNS server. You can specify up to three IP addresses as values for the name_server keyword.

search=domain-name

(Optional) Specifies additional domains to search for naming service information. You can specify up to six domain names to search. The total length of each search entry cannot exceed 250 characters.


Example 2–6 Specifying a DNS Server With the name_service Keyword

The following example specifies a DNS server with the domain name west.example.com. The server IP addresses are 10.0.1.10 and 10.0.1.20. example.com and east.example.com are listed as additional domains to search for naming service information.


name_service=DNS {domain_name=west.example.com 
                  name_server=10.0.1.10,10.0.1.20 
                  search=example.com,east.example.com}

For more information about the DNS name service, see System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP).

LDAP Syntax for name_service Keyword

Use the following syntax to configure the system to use LDAP.


name_service=LDAP {domain_name=domain_name
                   profile=profile_name profile_server=ip_address 
                   proxy_dn="proxy_bind_dn" proxy_password=password}
domain_name

Specifies the domain name of the LDAP server.

profile_name

Specifies the name of the LDAP profile you want to use to configure the system.

ip_address

Specifies the IP address of the LDAP profile server.

proxy_bind_dn

(Optional) Specifies the proxy bind distinguished name. You must enclose the proxy_bind_dn value in double quotes.

password

(Optional) Specifies the client proxy password.


Example 2–7 Specifying an LDAP Server With the name_service Keyword

The following example specifies an LDAP server with the following configuration information.


name_service=LDAP {domain_name=west.example.com 
                   profile=default 
                   profile_server=172.31.2.1 
                   proxy_dn="cn=proxyagent,ou=profile,
                   dc=west,dc=example,dc=com" 
                   proxy_password=password}

For more information about how to use LDAP, see System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP).

network_interface Keyword

Use the network_interface keyword to perform the following tasks.

The following sections describe how to use the network_interface keyword to configure the system interfaces.

Syntax for Nonnetworked Systems

To turn off networking for the system, set the network_interface value to none. For example:


network_interface=none

Syntax for Configuring a Single Interface

You can use the network_interface keyword to configure a single interface in the following ways.


Example 2–8 Configuring a Single Interface By Using DHCP With the network_interface Keyword

The following example instructs the installation program to use DHCP to configure the eri0 network interface. IPv6 support is not enabled.


network_interface=eri0 {dhcp protocol_ipv6=no}


Example 2–9 Configuring a Single Interface By Specifying Configuration Information With the network_interface Keyword

The following example configures the interface eri0 with the following settings.


network_interface=eri0 {hostname=host1 ip_address=172.31.88.100
                        netmask=255.255.255.0 protocol_ipv6=no}

Syntax for Configuring Multiple Interfaces

You can configure multiple network interfaces in your sysidcfg file. For each interface that you want to configure, include a network_interface entry in the sysidcfg file.

You can use the network_interface keyword to configure multiple interfaces in the following ways.

In the same sysidcfg file, you can use DHCP to configure certain interfaces, while also specifying the configuration information for other interfaces in the sysidcfg file.


Example 2–10 Configuring Multiple Interfaces With the network_interface Keyword

In the following example, the network interfaces eri0 and eri1 are configured in the following way.


network_interface=eri0 {dhcp protocol_ipv6=no}
network_interface=eri1 {primary hostname=host1 
                        ip_address=172.146.88.100
                        netmask=255.255.255.0 
                        protocol_ipv6=no}

nfs4_domain Keyword

To prevent being asked to specify an NFSv4 domain name during installation, use the nfs4_domain keyword in the sysidcfg file. This keyword suppresses selection of a domain name during the installation process. Use the following syntax:


nfs4_domain=dynamic or custom_domain_name
dynamic

This reserved keyword dynamically derives the NFSv4 domain name based on naming services configuration. For example:


nfs4_domain=dynamic

This example enables the domain name to be derived by the naming service.

The reserved keyword, dynamic, is not case sensitive.


Note –

By default, NFSv4 uses a domain name that is automatically derived from the system's naming services. This domain name is sufficient for most configurations. In a few cases, mount points that cross domain boundaries can cause files to appear to be owned by “nobody” because no common domain name exists. To prevent this situation, you can override the default domain name and select a custom domain name.


custom_domain_name

This value overrides the default domain name.

This value must be a valid custom domain name. A valid domain name is composed of a combination of alphanumeric characters, dots, underscores, and dashes only. The first character must be an alpha character. For example:


nfs4_domain=example.com

This example sets the value that is used by the nfsmapid daemon to be example.com. This selection overrides the default domain name.


Note –

In prior releases, the /etc/.NFS4inst_state.domain file was created by the sysidnfs4 program. This file would suppress the prompt for an NFSv4 domain name during installation. This file is no longer created. Use the sysidcfg keyword, nfs4_domain, instead.


root_password Keyword

You can specify the root password to the system in the sysidcfg file. To specify the root password, use the root_password keyword with the following syntax.


root_password=encrypted-password

encrypted-password is the encrypted password as it appears in the /etc/shadow file.

security_policy Keyword

You can use the security_policy keyword in your sysidcfg file to configure your system to use the Kerberos network authentication protocol. If you want to configure the system to use Kerberos, use the following syntax.


security_policy=kerberos {default_realm=FQDN 
                          admin_server=FQDN kdc=FQDN1, FQDN2, FQDN3}

FQDN specifies the fully qualified domain name of the Kerberos default realm, the administration server, or key distribution center (KDC). You must specify at least one, but no more than three, key distribution centers.

If you do not want to set the security policy for the system, set security_policy=NONE.

For more information about the Kerberos network authentication protocol, see System Administration Guide: Security Services.


Example 2–11 Configuring the System to Use Kerberos With the security_policy Keyword

The following example configures the system to use Kerberos with the following information.


security_policy=kerberos 
                {default_realm=example.COM 
                 admin_server=krbadmin.example.com 
                 kdc=kdc1.example.com, 
                 kdc2.example.com}

service_profile Keyword

You can use the service_profile keyword to install a more secure system by restricting network services. This security option is only available for initial installations. An upgrade maintains all previously set services.

Use one of the following syntaxes to set this keyword.


service_profile=limited_net

service_profile=open

limited_net specifies that all network services, except for Secure Shell, are either disabled or constrained to respond to local requests only. After installation, any individual network service can be enabled by using the svcadm and svccfg commands.

open specifies that no network service changes are made during installation.

If the service_profile keyword is not present in the sysidcfg file, no changes are made to the status of the network services during installation.

The network services can be enabled after installation by using the netservices open command or by enabling individual services by using SMF commands. See Revising Security Settings After Installation in Solaris Express Installation Guide: Planning for Installation and Upgrade.

For further information about limiting network security during installation, see Planning Network Security in Solaris Express Installation Guide: Planning for Installation and Upgrade. See also the following man pages.

system_locale Keyword

You can use the system_locale keyword to specify the language in which to display the install program and desktop. Use the following syntax to specify a locale.


system_locale=locale

locale specifies the language that you want the system to use to display the installation panels and screens. For a list of valid locale values, see the /usr/lib/locale directory or International Language Environments Guide.

terminal Keyword

You can use the terminal keyword to specify the terminal type for the system. Use the following syntax to specify the terminal type.


terminal=terminal_type

terminal_type specifies the terminal type for the system. For a list of valid terminal values, see the subdirectories in the /usr/share/lib/terminfo directory.

timezone Keyword

You can set the time zone for the system with the timezone keyword. Use the following syntax.


timezone=timezone

In the previous example, timezone specifies the time zone value for the system. The directories and files in the /usr/share/lib/zoneinfo directory provide the valid time zone values. The timezone value is the name of the path relative to the /usr/share/lib/zoneinfo directory. You can also specify any valid Olson time zone.


Example 2–12 Configuring the System Time Zone With the timezone Keyword

In the following example, the system time zone is set to mountain standard time in the United States.


timezone=US/Mountain

The installation program configures the system to use the time zone information in /usr/share/lib/zoneinfo/US/Mountain.


timeserver Keyword

You can use the timeserver keyword to specify the system that sets the date and time on the system you want to install.

Choose one of the following methods to set the timeserver keyword.